Post Exploitation Introduction

Post-Exploitation.pdf

Lecture Transcript - Post Exploitation Introduction

So far in this course, we have seen how to discover and exploit a large number of vulnerabilities. We've seen how we can exploit these vulnerabilities, such as SQL injections, file inclusion and code execution and even file upload, and get a reverse shell so that we'll actually have access to the server itself.

In the file upload example, we were able to upload a Weevely shell, which gives us a lot of capabilities and a lot of features. In simpler examples like the code execution and the SQL injection, we only managed to get a reverse shell.

So in this section we're going to see how we can interact with the reverse shell, with the Weevely shell, and we'll see what we can do now that we actually have access to the target server. So I'm going to start with the reverse shell, because it doesn't give us as many capabilities as we believe, and then we'll see how we can escalate that to a Weevely shell and then we'll see what we can do after that.

So first of all, here, I'm just going to listen on port 8888, and that's so that I can get a reverse connection on this computer. Now, I'm going to get my IP by running ifconfig. And my IP is 10.20.14.213.

So I'm just going to go to my DVWA and exploit the code execution vulnerability just so that we can have a reverse shell and then we'll see how we can interact with it.

So I'm going to do this quickly because we've already spoken about it in the code execution lecture. So I'm just going to set the security level to low, and then go to the command execution. Make this bigger.

And as you remember, we used to put an IP address. I'm just going to put anything, and the semicolon and then the code that we want to run. And I want to get a connection using that, so I'm going to do see. And then put the port.

Now, this is the same code that we used in the SQL injection, we on Europe, this code. It's the same code that we used with the file inclusion vulnerabilities as well. So we'll actually be getting the same access as what we're getting in here when we exploit the other vulnerabilities, the SQL injection and the local file inclusion.

So if we go here, now we actually have a complete bash shell, so we can run any bash commands we want, the exact same commands that we've seen in the Linux basic section at the start of this course.

Now, in all of the previous lectures we used to stop once we got to this point, and in the file upload, as I said, we got a Weevely shell, which gives us more capabilities. So the first thing I'm going to teach you is what you can do now with this access, with the reverse shell access.

Then once we know what you can do with that, we're going to see how you could escalate this and convert it to a Weevely shell, which allows you to do more attacks or allows you to do more things on the target computer. Once we have a Weevely shell, we'll be at the same level as what you would gain when you exploit a file upload vulnerability. We'll see what you could do with that.

So you'll learn a large number of powerful attacks like running system commands. Even if there is security on the target server, you'll learn how to navigate to other websites on the same server, read, upload and download files, access the database and bypass security measurements that might prevent you from doing these things.

So in the next lecture, I'm going to start from here and we're going to keep building up on our access and we'll see what we can do on the target server.


